Interviews | June 1, 2022

Quantum Computing an Emerging Threat to Data Encryption and Cybersecurity


Appdome | BlackBerry | Tenable | Trend Micro

Tom Tovar
CEO

Appdome

Q1. How is no-code technology making it easier for mobile app developers to create secure mobile apps? What specific issue does the no-code approach help organizations address?

Appdome is a no-code security build system that enables mobile app developers and/or security professionals to automate mobile app security and instantly build secure apps as part of the existing app development process. Appdome works with every app development framework out of the box, without requiring any changes to the app, without SDKs, without open-source libraries or plugins, without specialized compilers, and without any need to decorate the code. Appdome connects to the existing systems that developers already use to build apps today and does not require developers to change any of the tools they use or change the workflows used to build apps today.

Appdome provides the following unique benefits to developers and security professionals:

  • Full control over protection choices including encryption, anti-tampering, code obfuscation, RASP, jailbreak/root, MitM (Man-in-the-Middle) as well as protections against mobile fraud, malware, overlay attacks, keylogging, click bots, and hundreds of other features.
  • Guaranteed Compatibility with all programming languages, frameworks and systems used by dev, including CI/CD, testing suites, crash reporting, and more.
  • Complete security certification build-by-build, release-by-release, to verify, validate and audit the protections inside apps.

Using Appdome, the entire process of building security features and anti-malware protections into mobile applications is automated, much in the same way that DevOps teams use automation in every other part of the mobile development and continuous delivery process. Automating security helps customers deliver on a multi-layered and continuous cadence when it comes to in-app protections.

Q2. How have consumer expectations for mobile security changed or evolved in recent years? How should mobile app providers be responding to the changing expectations around mobile app security and privacy?

Mobile app security is no longer a ‘nice to have’. It is expected and required for ALL apps. As part of the Appdome Mobile Consumer Survey, we asked mobile consumers directly, “Do you feel that brands have a higher duty to protect mobile users?” Two-thirds or 68% of mobile app consumers feel very strongly that mobile app makers have a higher obligation to protect mobile users than ever before.

The Appdome Mobile Consumer Survey revealed developers should expect a harsh reaction to security issues. The data shows that mobile users will abandon mobile apps that either fail to protect their data or experience a breach. We asked: “If you discovered your app doesn’t protect your data, how likely are you to stop using it?” An overwhelming 70% of mobile users responded that they would stop using a mobile app if they learned the app did not protect their data.

For example, in healthcare, that means patient ePHI data in mobile apps, or protecting patient identities, credentials, and patient-doctor communications. Protecting ePHI is required as part of ensuring HIPAA compliance. In banking and fintech, that means protecting all consumer data in mobile banking or fintech apps, including user identities, credentials, and Personally Identifiable Information (PII). Protecting PII is an essential part of complying with regulations such as the Gramm-Leach-Bliley Act, FINRA, PCI, PSD2, and GDPR.

Q3. What do you want customers at Black Hat USA 2022 to know about Appdome and its approach to mobile app security? What do you plan on highlighting at the event?

Appdome believes that security and DevSecOps teams deserve the same visibility, management, and control over the security release process as the dev team enjoys in other parts of the release cycle. Those are all necessary components in order to truly deliver mobile app security and malware prevention in apps as part of the existing app development process.

At Black Hat, we will be demonstrating how Appdome works in a live production environment. The demo will show how developers and security professionals use Appdome to build their required protections into any mobile app on demand, giving them a system of record to create, store, version control, and audit security releases across Android and iOS Apps and a build system to generate and build the required security protections into mobile apps instantly – no code, no dev required.

Source code is not required to build security into mobile apps. Appdome works with all modern file formats - AAB or APK for Android and Bitcode and IPA for iOS.

At Black Hat, Appdome will demonstrate how to build a broad set of security and malware prevention features into mobile apps instantly, on demand without any coding. Features include encryption, jailbreak/root prevention, MITM (Man-in-the-Middle) prevention, code obfuscation, app shielding, preventing overlay attacks, and blocking the use of Magisk and Frida. We will review the Certified Secure certificate, which is Appdome's guarantee that the protections are in the app and that the app is secure. Appdome customers also use the Certified Secure certificate for audit purposes and to replace any need for pen tests.

Black Hat attendees can immediately start a free trial of Appdome and see how easy it is to add their desired security features to their own app.


Ismael Valenzuela
Vice President, Threat Research & Intelligence

BlackBerry

Q1. BlackBerry's annual threat report released earlier this year noted an increasing collaboration among cybercriminals on malicious campaigns. What are the implications of this trend for enterprise organizations? Why should they care?

The current infrastructure of the underground cyber economy continues to evolve quickly with threat groups sharing hacking techniques, malware code, tech infrastructure, target lists, and even exporting stages of the process to hackers with specializations, allowing for attackers to operate faster and at scale. In fact, some of the biggest incidents of 2021 appear to have been the result of this outsourcing. On top of that, cybercriminals can often circumvent being shut down by authorities by breaking up and reorganizing as new cybercriminal groups. In addition, the proliferation of digital channels has brought old tactics – such as phishing and watering hole attacks – back into the mainstream, primarily because of their ability to scale. This suggests these tactics will continue to see relevance as digital innovations like the metaverse and increased AR solutions become popular.

So, what are the implications for enterprise organizations? Due to the outsourced nature of cybercrime, enterprise organizations can fall victim to both advanced and non-sophisticated threat actors, impacting every level of the structure, and can expect to face an uphill battle to protect themselves. Small enterprises are an increased focus of financially motivated threat actors, as small to medium-sized businesses (SMBs) face an average of 11 cyberthreats per day. As highlighted in our trends report, over 70% of SMBs have faced cyberattacks, and of those attacked, 60% are out of business within six months. Add to the equation the general shortage of cyber defense professionals and skills, and you end up with a deadly combination. In effect, a cyberattack on an SMB is often a death sentence for an enterprise, making it imperative that these smaller operations look for specialized help when it comes to cyber defense.

Q2. Looking out at the threat landscape over the next two years, what are the threats that worry you the most? How should organizations be preparing for them?

Over the next two years, the threat landscape will be defined by how quickly quantum computing evolves as it poses a great threat to data encryption and cybersecurity, despite providing plenty of possibilities in many other areas. Quantum computing will be able to solve extremely complex problems, far faster than a classical computer, including the algorithms behind encryption keys protecting our data. In the wrong hands, the processing power of quantum computing can enable bad actors to break public-key cryptography, particularly the RSA cryptography over time, which is widely used for secure data transmission. Most believe a quantum computer with technology advanced enough is still years away from being fully applied, which means now is the time to get ahead of this impending threat.

The cybersecurity community must start applying resources and our greatest minds to produce a solution to defend against quantum computing inevitably falling into the wrong hands. In addition to developing a solution, it is essential to educate teams on quantum computing literacy and the steps to creating a quantum-ready security architecture. NIST is in the process of developing post-quantum encryption standards, which are projected to be finalized before 2024, but organizations can still compare their security infrastructure to the shortlisted approaches that NIST is considering for standardization ahead of the finalization. This gives businesses an advantage in developing a long-term strategy for enhanced security, so they’re prepared once the cyber threat of quantum computing becomes a reality. Quantum computing will undoubtedly spur rapid technological advancements across multiple industries, including medical research, artificial intelligence, manufacturing, and weather; however, the cybersecurity implications on organizations and their sensitive data will be vast and uncharted if left overlooked.

Q3. What do you expect will be top of mind issues for your customers at Black Hat USA 2022? What do you want them to take away from BlackBerry's participation in the event?

At Black Hat USA 2022, we expect our customers to be focused on how to defend against the rise of ransomware gangs, the future of the threat landscape, and the risks and security implications of adopting the latest technology. Within the last six months, we’ve witnessed a number of cyberattacks on various infrastructures, including universities, manufacturers and even entire governments, and subsequently we expect these issues to be top of mind for our customers. We also expect our customers to be interested in upcoming technological developments like Web3, quantum computing and advancements in AI, and the implications on cybersecurity. Following Black Hat, our customers should understand how BlackBerry is developing products and services that address the current threat environment and security challenges and how our services can help augment their current capabilities and address their current concerns. Through our product demonstrations and announcements, we hope our customers will have a better understanding of how our world-class threat research and innovation teams translate our knowledge of the adversary into actionable countermeasures and effective security outcomes.


Glen Pendley
Chief Technology Officer

Tenable

Q1. How will Tenable's recent decision to add Terrascan to Nessus benefit customers? What specific issue or issues will it help them address or improve?

For more than 20 years, Nessus has helped to educate people on the basics of cybersecurity and is the gateway to cybersecurity for many newcomers. It’s always been a great tool that can take seemingly complex topics and synthesize them in a way that users can understand. The integration of Terrascan into Nessus reinforces that legacy, encouraging the adoption of security principles as early as possible in the cloud application delivery process. Now with more than 500 out-of-the-box policies, Nessus identifies issues such as missing or misconfigured encryption on resources and communication, as well as inadvertent exposure of cloud services, which is one of the most common issues we see. The ability to identify and remediate risk before it's ever introduced into your environment is huge. People who have always relied on Nessus now have an opportunity to get more comfortable with the notion of securing infrastructure in a more modern sense.

Q2. Why did Tenable acquire Accurics? How exactly is the acquisition helping organizations better identify IaC, runtime and other security-related issues in cloud environments?

Powered by our commitment to our customers, our path forward is to enable complete visibility of the attack surface so customers can measure and limit their asset exposure to a level that’s never been possible before. Over the last several years, we’ve made strong progress in the cloud, but the acquisition of Accurics provides customers with a complete lifecycle approach to modern risk management, leveraging IaC to identify and fix issues before they hit production, as well as runtime visibility to identify, track and remediate drift that happens once things are running in production.

Most problems cloud security companies are trying to solve for today boil down to vulnerability management on more modern assets. Over the next few years, as DevSecOps teams become more common, there will be a firm requirement for all assets, resources and code to undergo a vulnerability assessment before anything reaches production. Accurics set itself apart from other cloud competitors, having built a product with this forward-thinking concept in mind from the jump. The result is that Tenable.cs now enables our customers to expand their vulnerability management programs beyond traditional IT assets.

Q3. What are Tenable's plans at Black Hat USA 2021? What technologies and capabilities do you plan on highlighting at the event?

Tenable will have a large presence at Black Hat USA 2022 – big plans for the booth, exciting opportunities to interact with our team of experts on site and learn more about what we’ve been up to since Black Hat USA 2021. In the last year, we’ve made several noteworthy advancements to our product portfolio, including the integration of Accurics, Cymptom and Bit Discovery, and our expansion into securing modern assets in the cloud.


Mike Gibson
Vice President, Threat Research

Trend Micro

Q1. What are some of the biggest requirements for—and challenges to—effective risk management in today's fast evolving threat environment?

Visibility is both a requirement for risk management and a major challenge for many organizations. Today’s distributed workforce and application sprawl have made this an even greater challenge. Assets, devices, and users must be visible to security teams so that all entities and activities can be monitored for suspicious activity.

In addition, we’ve recently seen how component level vulnerabilities introduced even more complexity for organizations in this regard. Log4shell was a glaring example of how organizations struggle to gain the level of visibility required to measure risk introduced by the widespread use of open-source components in commercial applications. Even a single application could package numerous instances and versions of a single open-source component making this assessment extremely difficult.

Once an organization can see the who and what of their environment, it can still be a challenge to prioritize risk levels of the applications, devices and users. Is that vulnerable instance of a library bundled within this application even exploitable? Is that CVSS 9.8 vulnerability that has no associated public exploit or POC something we should be patching immediately? How will not enabling the latest and greatest machine learning capabilities in my endpoint protection platform affect my ability to detect and respond to the latest threats?

Without being able to answer some of these questions, it’s extremely difficult to decide on the most appropriate mitigation or remediation strategy. These are the foundational concepts for risk management, but they continue to be significant hurdles for CIOs and CISOs, especially in today’s threat environment.

Q2. What trends within the threat environment do you think will likely pose the biggest challenges for enterprise organizations over the next few years?

Ransomware will continue to be an attack of choice for cybercriminals. The exact targets, both the target companies and the target attack surface, will evolve based on the IT trends of the day. But the ransomware model continues to be successful, and criminals don’t typically stray far from what works. The determining factor for target organizations and platforms involves the ROI for the criminals. What will create the greatest return on investment for their efforts?

In the past, “spray and pray” ransomware targeting worked. Now, more specific targets are chosen for highly tailored attacks that demand high payouts. Endpoints were the target of choice when ransomware was first on the rise. Endpoints can still be targeted via email today – that’s still quite common – but we also see ransomware targeting cloud-based assets and systems increasing.

In addition to ransomware, we’ll continue to see cybercriminals taking advantage of vulnerabilities and misconfigurations in cloud infrastructure. The elasticity and dynamic nature of these environments can be very appealing to those looking to hijack system resources for their own use such as crypto mining or hosting their malicious infrastructure.

Lastly, the exploitation of vulnerabilities will continue to rise. With over 20,000 vulnerabilities disclosed in 2021, and a current pace to surpass that in 2022, vulnerability management teams struggle to keep up. This will continue to leave the door open for cybercriminals to continue to take advantage of these flaws to achieve their objectives.

Q3. What are Trend Micro's plans at Black Hat USA 2022? What can customers expect from your company at the event?

We are very excited to have an opportunity to see some of our customers face to face at the event, many of whom we may be seeing for the first time in a few years. Trend Micro is in a unique position in 2022 and we have much to share. We continue to see double digit growth, building on 95 consecutive quarters of profitability, and that validates our customer-first approach to security.

At Black Hat USA 2022, we invite attendees to experience the difference of simple, complete visibility and ongoing risk assessment through our Trend Micro One platform. Offensive-oriented approaches to security are continuing to gain momentum and we are looking forward to sharing our experience and knowledge in this area through two fun, hands-on challenges where attendees can test their red and blue team skills in real-world situations.
